Stop the (Controls) Madness!
Bruce Beck, Director, Infor Global Solutions
Aberdeen’s September 2011 GRC survey findings:
• Customers and partners will always choose a business partner with lower liabilities
• Being aggressive in building a business demands risk taking; knowing your risks improves confidence
• Compliance is crucial to breaking new ground, regionally or globally
CFOs Say a Significant Gap Remains Between the Effectiveness & Importance of Internal Controls
How Would You Rate the Importance vs. the Effectiveness of These Cross-Enterprise Activities?
[Chart: importance vs. effectiveness ratings for: Driving Finance cost reduction; Executing continuous finance process improvements; Strengthening compliance programs & internal controls; Supporting / managing / mitigating enterprise risk. Gap labels shown: 28%, 16%, 23%.]
Source: IBM CFO Survey, 2010
Control activities are still primarily manual
What methods do you use to provide management assurance of your controls?
87% of organizations still rely primarily on manual control testing
[Chart categories: Mostly periodic manual checks / standard reports; Mix of regular manual & automated]
Recommendations
• Review and adjust your control structure frequently based on risk, not just compliance
• Implement software tools to improve and automate process and control monitoring
• Re-evaluate the use of spreadsheets in addressing risk and compliance issues due to lack of effective scalability
Enterprise risk management (ERM) is the process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management expands the process to include not just risks associated with accidental losses, but also financial, strategic, operational, and other risks.
Monitoring Is a Key Component of COSO